At Fixkiss, we take the security of our products very seriously. If you’re an Fixkiss customer, and you use our connected products, here is all the information you need to know about Fixkiss’s product security principles.

Frequently asked questions about Fixkiss data security

We do everything in our control to make sure the data we have in our system is used for one purpose: making your life easier with Fixkiss products. Below are some answers to commonly asked questions regarding the security of the data we have at Fixkiss:

How do we secure our connected products?

At Fixkiss, we take a defense-in-depth approach to security, adding multiple layers of protection around our robots, cloud and apps from start to finish. We ensure that the development of our products follows industry-standard security best practices, and we are using technology-leading tools to assist our development and security teams during this process. When deployed to market, we work with our suppliers and partners to ensure that our products and our suppliers' and partners' supporting infrastructure (including physical infrastructure, cloud and mobile apps) are properly configured, monitored and continuous security improvement processes are in place.

How do we handle your data?

All the data collected from your Fixkiss products as per the Privacy policy is handled with care and high levels of security. The data is encrypted both in transit and at rest. Data access is controlled strictly and limited only to authorized personnel to do their job and help improve your product experiences.

How is data secure while in transit?

All Fixkiss connected products communicate with the Fixkiss cloud service using robust encryption. Currently, we use AES 256-bit encryption and Transport Layer Security (TLS v1.2). Data encryption is augmented through strong identity management. All Fixkiss connected products have identities when they come out of the factory and those identities are validated upon each new cloud connection.

How is data stored at rest?

Within Fixkiss’s cloud (built on top of AWS), customer data is stored encrypted. Customer data has multiple encryption keys which are rotated on a regular basis to reduce the risk of the data being compromised even in the event of a key exposure.

Within the mobile application, data storage follows the platform’s standards for application-secure data; any sensitive data that is used by the application is not stored on the mobile device, but is instead securely transported to Fixkiss’s cloud for storage.

How do we keep our products up-to-date and secure?

In conjunction with our security-minded development processes, Fixkiss ensures that we monitor and adhere to all supplier and industry alerts regarding security patches to systems and components used in our products. Additionally, we actively promote and sponsor private bug bounty programs and hacking events to collaborate with the broad security research community to assist Fixkiss to responsibly address any vulnerabilities that may be discovered in our products.

How are the robots securely updated in the home?

When a robot requires an update, the robots are notified of the available update when they interact with the cloud and connect to a secure location to download a software update. The connection is authenticated to ensure it is the official Fixkiss location. Each download is cryptographically signed to assure it is an official Fixkiss update.

How do we secure the ‘HOME’ App?

The mobile ‘HOME’ application is built to the security standards as specified by the manufacturers of the operating systems and devices (Apple iOS, Android, Samsung, etc.), and include advanced obfuscation tools to limit reverse-engineering by malicious users. The mobile apps are sold only through qualified application stores from these same manufacturers, and users should only install the app from these sites.

How do we secure maps and map data?

Fixkiss considers maps of the home to be your sensitive, confidential information. Maps are protected following the industry standard guidelines to ensure the security of this data just like any other personal data. In addition to the standards mentioned above for encryption at-rest and in-flight, access to this data is tightly controlled, monitored and regularly audited. Fixkiss machines accessing this data have data-leak prevention software installed to ensure the data is tracked as it is accessed for use in customer support and robot improvement processes.

How secure is using an app not provided by Fixkiss?

Fixkiss embraces innovation and lets third-party software interact with our products when that software presents the correct credentials. As a result, independent developers are able to create tools and accessories that may create an enhanced user experience for you. While the security of your data produced by your robot and stored in the Fixkiss cloud remain safe, Fixkiss recommends you to verify the third-party documents on how your data is handled.

Future products and security

The landscape of security threats is ever evolving, as is the security at Fixkiss. Fixkiss continuously trains, researches, and exercises processes that improve the maturity of the company’s overall ability to identify, react to, isolate and resolve security issues within our company and our products as quickly as possible.

For more details on our principles and approach on privacy or customer data, please take a look at our Privacy Policy.

If you are a security researcher and believe you have found a bug in one of our connected products, we'd like to hear from you! Please visit our Bug Bounty program for the program's rules and to submit your research for consideration.